Documentation for Crowd 1.6. Documentation for other versions of Crowd is available too.
About Groups and Roles
Groups and roles are known as permission container objects. Groups are particularly important in Crowd, as they are often used to control access to applications. Note also that the crowd-administrators group confers Crowd administration rights to its members. Roles are used less frequently, depending on the requirements of individual applications.
Crowd's role-based access control could be enhanced
At present, the implementation of roles in Crowd is identical to the implementation of groups. Additional development work would be needed to differentiate the functionality of roles from groups. If you would like to help us to design better role-based access control, please add a comment to the improvement request CWD-931, letting us know how you would like to see it work.
About nested groups
Some user directories allow you to define a group as a member of another group. Groups in such a structure are called 'nested groups'. In Crowd, you can map any group to an application, including a group which contains other groups. Currently, nested groups are supported for LDAP directory connectors only. You can enable or disable support for nested groups on each LDAP directory individually. For more information, refer to Configuring an LDAP Directory Connector.
For more details about nested groups, refer to Nested Groups in Crowd.About the Group Browser and the Role Browser
The Group Browser and the Role Browser are very similar. They allow you to search, view, add and edit the various groups and roles stored within a specified directory.
To use the Group Browser,
- Log in to the Crowd Administration Console.
- Click the 'Groups' tab in the top navigation bar.
- The Group Browser will appear. Select the directory in which you are interested, then click the 'Search' button to list all the groups that exist in that directory.
You can refine your search by specifying a 'Name' or by choosing 'Active' or 'Inactive' groups. - To view or edit a group's details, click the 'View' link.
- Click the 'Members' tab to view the immediate members of the group, including users and other groups.
- Click the 'All Users' tab (if present) to view all users who are included in the group and in its sub-groups
- The 'All Users' tab will appear only if the group you are viewing contains sub-groups.
- You can read more about group members in Viewing Members of a Group.
Screenshot 1: 'Group Browser'
Screenshot 2: 'View and Update Group Details'
関連トピック
- Using the User Browser
- Adding a User
- Deleting or Deactivating a User
- Managing a User's Session
- Editing a User's Details and Password
- Specifying a User's Attributes
- Granting Crowd Administration Rights to a User
- Granting Crowd User Rights to a User
- Using the Group Browser and Role Browser
- Viewing Members of a Group
- Case Sensitivity of Usernames, Groups and Roles
- Editing a User's Group and Role Membership
概要
コンテンツ ツール
アプリ
Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution 2.5 Australia License.